Subscription to the full report on a daily basis can be obtained:
Send an eMail to dhsdailyadmin@mail.dhs.osis.gov with the subject "DHS Daily Open Source Infrastructure Report" and the following line in the body...subscribe.
To obtain a complete copy of the current report proceed to the DHS link below.
To obtain reports more than 10 business days old, send an eMail to DHS_Reports@e-computer-security.com. Be specific as to the reports you wish to receive.

• Eleven individuals were injured by fire and
flying debris when a propane tank on a food truck exploded while it was parked
in the Feltonville section of Philadelphia July 1. – WCAU 10 Philadelphia

14.
July 2, WCAU 10 Philadelphia – (Pennsylvania) 12 hurt, 2 critical in
food truck explosion. Eleven individuals were injured by fire and flying
debris when a propane tank on the La Parrillada Chapina food truck exploded
while it was parked in the Feltonville section of Philadelphia July 1. Nearby
roadways were blocked off for several hours while police investigated the cause
of the explosion. Source: http://www.nbcphiladelphia.com/news/local/Auto-Body-Shop-Explodes-in-Feltonville-265446241.html

• Federal authorities announced July 1 that
six members of the Los Angeles County Sheriff’s Department were convicted of
obstructing a federal investigation into violence against inmates in county
jails. – Southern California City News Service

• Kaspersky stated that the takedown by
Microsoft of several domains belonging to the No-IP Internet service also
disrupted in some form the operations of around 25 percent of advanced
persistent threat (APT) groups the company is tracking. – SC Magazine (See
item 28) below in the Information
Technology Sector

• A Texas woman pleaded guilty June 30 to her
role in an international shoplifting ring that used oversized bags to steal
millions of dollars’ worth of merchandise from stores in Texas, Canada, and
Australia. – Reuters

9. July 2, WMAZ 3 Macon –
(Georgia) 16 people arrested in Macon racketeering investigation. Sixteen
suspects were arrested in Macon as part of a joint federal investigation into
an alleged identity theft scheme that used stolen credentials from hundreds of
victims to add funds to Bibb County Jail and Georgia Department of Corrections
prisoner’ accounts. Authorities believe many of the suspects are associated
with the Crips street gang and six suspects are still being sought. Source: http://www.13wmaz.com/story/news/local/macon/2014/07/02/rico-investigation-nets-16-macon-arrests/12010377/

11. July 1, BankInfoSecurity –
(National) POS vendor: Possible restaurant breach. Vancouver,
Washington-based point of sale (POS) vendor Information Systems & Supplies
notified restaurant customers June 12 that it experienced a LogMeIn
remote-access compromise three times between February and April, potentially
exposing the payment card data of the restaurants’ customers who used the POS
devices. Source: http://www.bankinfosecurity.com/pos-vendor-possible-restaurant-breach-a-7009/op-1

12. July 1, WFLD 32 Chicago –
(Illinois) FBI offers $5K reward for ‘No Boundaries Bandit’. The FBI
announced a reward for information leading to the arrest of a suspect known as
the “No Boundaries Bandit” wanted in connection with at least seven bank
robberies in the Chicago area since May 16. The most recent robbery associated
with the suspect occurred June 24 at a Chase Bank branch in Chicago. Source: http://www.myfoxchicago.com/story/25918468/fbi-offers-5k-reward-for-no-boundaries-bandit

For additional stories, see item 8 from the Critical Manufacturing Sectorbelowand 31 below
in the Information Technology Sector

8. July 1, U.S. Attorney’s Office,
Western District of Missouri – (Missouri) Kansas City woman indicted in
$3 million fraud scheme that forced employer into bankruptcy. A Kansas
City, Missouri certified public accountant was indicted July 1 on charges that
she allegedly created unauthorized Automated Clearing House (ACH) transactions
and loan documents to defraud her employer, Galvmet Inc., and Missouri Bank
& Trust of around $3 million between 2004 and 2014. Prosecutors allege that
the fraud caused the company to go into bankruptcy and cease operations in
2014. Source: http://www.fbi.gov/kansascity/press-releases/2014/kansas-city-woman-indicted-in-3-million-fraud-scheme-that-forced-employer-into-bankruptcy

27. July 2, The Register – (International) MONSTER
COOKIES can nom nom nom ALL THE BLOGS. A security researcher identified and
reported a method that could be used to prevent users from accessing Web sites
by setting cookies with header values so large that they trigger Web server
errors. The researcher demonstrated the attack against the Google Blog Spot
network and showed that users given the altered cookies were not able to see
any blogs on the service. Source: http://www.theregister.co.uk/2014/07/02/monster_cookies_can_nom_nom_nom_all_the_blogs/

28. July 2, SC Magazine – (International) MS No-IP
takedown hits 25% of APT attackers. Kaspersky stated that the takedown by
Microsoft of several domains belonging to the No-IP Internet service also
disrupted in some form the operations of around 25 percent of advanced
persistent threat (APT) groups the company is tracking. Microsoft also stated
that service was restored to legitimate customers July 1, however No-IP stated
that domains were still experiencing outages July 2 Source: http://www.scmagazineuk.com/ms-no-ip-takedown-hits-25-of-apt-attackers/article/359021/

30. July 1, Help Net Security – (International) Number
and diversity of phishing targets continues to increase. The Anti-Phishing
Working Group (APWG) released a report on phishing during the first quarter of
2014 and found that the number of phishing sites increased by 10.7 percent over
the previous quarter, among other findings. Source: http://www.net-security.org/secworld.php?id=17070

31. July 1, Help Net Security – (International) Geodo
infostealer gets help from worm. A security researcher identified a new
version of the Cridex information-stealing malware known as Geodo that works in
conjunction with a worm to spread. The researcher found that the malware is
completely new code but uses the same botnet, command and control infrastructure,
and distribution mechanisms as the previous Feodo version of Cridex. Source: http://www.net-security.org/malware_news.php?id=2799

33. July 1, Help Net Security – (International) Facebook
SDK flaw allows unauthorized access to Facebook accounts. MetaIntell
researchers identified a vulnerability in the Facebook SDK for Android and iOS
that could allow an attacker to compromise users’ Facebook accounts due to
insecure storage of the Facebook Access Token. The vulnerability is present in
31 of the top 100 Android apps and 71 of the top 100 iOS apps. Source: http://www.net-security.org/secworld.php?id=17074

Links

About Me

U.S. Army Retired Chief Warrant Officer with more than 40 years in information technology and 35 years in information security. Became a Certified Information Systems Security Professional in 1995 and have taught computer security in Asia, Canada and the United States. Wrote a computer security column for 5 years in the 1980s titled "for the Sake Of Security", penname R. E. (Bob) Johnston, which was published in Computer Decisions.
Motto: "When entrusted to process, you are obligated to safeguard"